SANS Digital Forensics and Incident Response Blog: Author - Mark McKinnon

Digital Forensic Case Leads: New and Updated Tools, A Few Awards, A Little News and a Couple of Videos.

This week in Case Leads we have many new tools and updates to tools, so don't forget to test, test, test. Lance Mueller is back blogging, and we also have the Forensic 4Cast awards and some video talks from the SANS DFIR Summit. In the news, a grad student uncovers a privacy scandal, a lawsuit is …


Digital Forensic Case Leads: Flame On! The most sophisticated malware since... the last one, Higher Ed data breach and PowerShell forensics.

The big story this week (along with plenty of hyperbole) is the Flame/Flamer/sKyWIper malware, which has been evading detection for years and targeting systems in the Middle East. We also got some detailed and useful information from Apple in the form of an iOS Security Guide, and the Scripting Guy offers up several useful techniques for using …


Digital Forensic Case Leads: A Volume Shadow Copies Toolset Updated, Malware Binary Files Analysis Became Easier, Media and Mobile Forensics Analysis, And A Man Stabs His Computer!

Welcome to the Digital Forensic Case Leads. A Volume Shadow Copies toolset updated with a great new ability, malware binary file analysis became easier, media and mobile forensics analysis, is your cloud data secure? Data killers, a man stabs his computer!? Mobile phone cyberthieves, the I, Robot film in reality? All that and more, this week on Case …


Digital Forensic Case Leads: Getting caught via metadata, A Forensic Guide to Windows 8 and the New DFIR Wall Poster.

This week in Case Leads: Apple's security questions, a hacker gets caught via metadata, a DFIR wall poster will be available, a guide to Windows 8 forensics, a few tools have been updated and watching 182 superhero movies in under 5 minutes. If you have an item you'd like to contribute to Digital Forensics Case Leads, please …


Digital Forensic Case Leads: Medical Records Get Hacked, #DFIR Index, New and Updated Tools and More....

In this edition of SANS Case Leads we have petabytes of #DFIR tools, reads, news, and levity to stimulate your analytical juices and warm up your processors. Get your dongles out 'cause AccessData has updates and we got more breaches to investigate! Dongleless? I got you covered with a brew of Python, Perl and EXE …